Turla faces another devastating disclosure, a report that Turla exploited gaps in the security model of satellite TV and internet systems to make it possible for compromised computers to contact the C&C servers without revealing their locations.

Satellite internet services that are delivered over DVB-S satellite TV links use unencrypted links: users send data to the satellites through normal internet links, without encryption, that terminate in satellite ground-stations that uplink to the space-based units. The satellites then beam down their communications (again, without encryption) to a region whose footprint has a radius of 600 miles.

Turla intercepted communications destined for the satellite base stations (called "teleport points") and injected their own data into the streams. The satellites retransmitted this data to a 600 square-mile radius zone. The addressee of the data ignored it, because it had a nonsense port-number associated with it. But Turla was able to receive this data and act on it.